8 Malicious NPM Packages Stole Chrome User Data on Windows
JFrog researchers found eight malicious NPM packages using 70 layers of obfuscation to steal data from Chrome browser…
chrome
Critical Chrome Use-After-Free Flaw Enables Arbitrary Code Execution
Google has released an urgent security update for the Chrome Stable channel to address a critical use-after-free vulnerability in the ANGLE graphics library that could allow attackers to execute arbitrary code on vulnerable systems. The fixes…
PoC Exploit Published for Chrome 0-Day Already Under Active Attack
A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid reports of active in-the-wild exploitation. The vulnerability, tracked as C…
High-Severity Mozilla Flaws Allow Remote Code Execution
Mozilla has released Firefox 142 to address multiple critical security vulnerabilities that could enable remote attackers to execute arbitrary code on affected systems. The Mozilla Foundation Security Advisory 2025-64, announced on August 19, 2025, det…
How to Fix Javascript Void 0 Error in Windows 11 Chrome, Firefox, IE
Key TakeawaysJavascript: void(0) error occurs when there is a problem with Javascript on your PC, making browsing difficult.To fix the error in Windows 11 browsers (Chrome, Firefox, IE), enable Javascript, reload webpages without cache, clear cookies a…
Legitimate Chrome VPN with 100K+ Installs Secretly Captures Screenshots and Exfiltrates Sensitive Data
A Chrome extension marketed as FreeVPN.One, boasting over 100,000 installations, a verified badge, and featured placement in the Chrome Web Store, has been exposed as spyware that silently captures screenshots of users’ browsing activities and ex…
Google fixed Chrome flaw found by Big Sleep AI
Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI. […]
High-Severity Vulnerabilities Patched in Chrome, Firefox
Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox.
The post High-Severity Vulnerabilities Patched in Chrome, Firefox appeared first on SecurityWeek.
Record $250K Bug Bounty Awarded for Discovering Critical Chrome RCE Flaw
Google has awarded a record-breaking $250,000 bug bounty to security researcher Micky for discovering a critical remote code execution vulnerability in Google Chrome that could allow attackers to escape the browser’s sandbox protection. The flaw,…
Chrome sandbox escape nets security researcher $250,000 reward
Researcher earns Google Chrome ’s top $250K bounty for a sandbox escape vulnerability enabling remote code execution. A researcher who goes online with the moniker ‘Micky’ earned $250,000 from Google for reporting a high-severity Chrome vulnerability. The flaw, tracked as CVE-2025-4609, resides in the Mojo IPC system, an attacker can exploit the flaw to escape […]